In many computing environments, a user must authenticate (i.e., prove) his or her identity to gain access to one or more computing devices. For example, a user may be required to provide information (such as a user identifier (ID) and password) and/or a biometric (e.g., fingerprint, retinal scan, etc.) to gain access to a workstation. Only after being authenticated may the user be given access to one or more applications on the workstation and the data accessible thereby. Thus, one concern addressed via user authentication is the security of those applications and data.
In some environments, the applications and/or data may include sensitive information. For example, patient privacy is a concern in healthcare settings. For example, the Health Information Portability and Accountability Act (HIPAA) mandates that only certain authorized users be given access to certain clinical information relating to a given patient. As a result, many healthcare organizations forbid users from sharing authentication information (such as user identifiers and/or passwords) so that the organization can ensure that each user provides his or her own authentication information to gain access to a computing device.